batchresetadpasswords

Batch Reset AD Passwords

Requirements

bash
pwgen (or a similar tool)
Domain Controller

Step by step

Obtain a list of usernames, one per line
e.g. ls -1 /Volumes/Homes > userlist.csv

Do a while loop

while read p
do echo "$p",`pwgen -y 10 1 | sed 's/,/./g'`
done <userlist.csv > pwlist.csv

Insert username,password as the first line
Double-check the list for illegal characters
Copy the .csv to a domain controller

Use the following powershell script on the DC, modify the file location:

Import-Module ActiveDirectory
 
$users = Import-Csv -Path C:\Users\myuser\pwlist.csv
 
foreach($user in $users)
{
    $PlainTextPassword=[string]$user.password
    $NewPassword=ConvertTo-SecureString $PlainTextPassword -AsPlainText -force
    Set-ADAccountPassword -identity $user.username -Reset -NewPassword $NewPassword -Verbose

Execute!

batchresetadpasswords.txt · Last modified: 2022/02/28 15:38 by wolfo